package org.owasp.esapi.reference;

import java.util.Map;
import org.owasp.esapi.AccessControlRule;
import org.owasp.esapi.AccessController;
import org.owasp.esapi.ESAPI;
import org.owasp.esapi.Logger;
import org.owasp.esapi.errors.AccessControlException;
import org.owasp.esapi.reference.accesscontrol.policyloader.ACRPolicyFileLoader;

/* loaded from: input_file:embedded.war:WEB-INF/lib/esapi-2.1.0.1.jar:org/owasp/esapi/reference/DefaultAccessController.class */
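/**
 * Rule-driven {@link AccessController}: each authorization question is answered by looking up an
 * {@link AccessControlRule} under a key in the policy map and delegating the decision to it.
 *
 * <p>The controller fails closed. A missing rule, a rule that throws, or any other exception
 * raised during evaluation ends in a denial: {@code false} from the {@code isAuthorized*}
 * methods, an {@link AccessControlException} from the {@code assertAuthorized*} methods.
 *
 * <p>The rule map is read once, through {@link ACRPolicyFileLoader}, when the singleton is
 * constructed, and this class never reassigns it afterwards.
 */
public class DefaultAccessController implements AccessController {
    /** Rule keys used by the typed convenience methods below. */
    private static final String RULE_DATA = "AC 1.0 Data";
    private static final String RULE_FILE = "AC 1.0 File";
    private static final String RULE_FUNCTION = "AC 1.0 Function";
    private static final String RULE_SERVICE = "AC 1.0 Service";
    private static final String RULE_URL = "AC 1.0 URL";

    private static final String USER_MESSAGE = "Access Denied";
    private static final String UNHANDLED_MESSAGE = "An unhandled Exception was caught, so access is denied.";

    // volatile is required for the double-checked locking in getInstance().
    private static volatile AccessController singletonInstance = null;
    protected final Logger logger = ESAPI.getLogger("DefaultAccessController");
    // Loaded in the field initializer, i.e. as part of construction; never replaced afterwards.
    private final Map<?, ?> ruleMap = new ACRPolicyFileLoader().load().getAccessControlRules();

    /**
     * Returns the process-wide controller, creating it on first use (double-checked locking on
     * the class monitor).
     *
     * @return the shared instance
     * @throws AccessControlException declared by the constructor; presumably raised when the
     *     policy cannot be loaded (TODO confirm against ACRPolicyFileLoader)
     */
    public static AccessController getInstance() throws AccessControlException {
        AccessController current = singletonInstance;
        if (current == null) {
            synchronized (DefaultAccessController.class) {
                current = singletonInstance;
                if (current == null) {
                    current = new DefaultAccessController();
                    singletonInstance = current;
                }
            }
        }
        return current;
    }

    private DefaultAccessController() throws AccessControlException {
    }

    /** Looks up the rule registered under {@code obj}; a missing rule is a denial, never a pass. */
    private AccessControlRule requireRule(Object obj) throws AccessControlException {
        AccessControlRule rule = (AccessControlRule) this.ruleMap.get(obj);
        if (rule == null) {
            throw new AccessControlException(USER_MESSAGE, "AccessControlRule was not found for key: " + obj);
        }
        return rule;
    }

    /** Emits the debug trace naming the rule key and the rule implementation about to run. */
    private void traceRule(String verb, Object obj, AccessControlRule rule) {
        if (this.logger.isDebugEnabled()) {
            this.logger.debug(Logger.EVENT_SUCCESS, verb + " Authorization Rule \"" + obj + "\" Using class: " + rule.getClass().getCanonicalName());
        }
    }

    /**
     * Evaluates the rule registered under {@code obj} against {@code obj2}.
     *
     * @param obj key of the rule in the policy map
     * @param obj2 runtime parameter handed to the rule
     * @return the rule's decision; {@code false} when no rule exists or evaluation throws
     */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorized(Object obj, Object obj2) {
        try {
            AccessControlRule rule = requireRule(obj);
            traceRule("Evaluating", obj, rule);
            return rule.isAuthorized(obj2);
        } catch (AccessControlException denied) {
            // A deliberate denial (missing rule, or raised by the rule): report it as such
            // instead of wrapping it again as an "unhandled" failure.
            return false;
        } catch (Exception e) {
            // The original threw this exception and caught it immediately. It is still
            // constructed because ESAPI exceptions appear to be recorded on construction
            // (TODO confirm); the object itself is not needed.
            new AccessControlException(USER_MESSAGE, UNHANDLED_MESSAGE, e);
            return false;
        }
    }

    /**
     * Same decision as {@link #isAuthorized(Object, Object)}, but a denial is raised as an
     * exception.
     *
     * <p>The key and the runtime parameter are concatenated into the exception's log message,
     * so callers should not pass secrets as runtime parameters. An array parameter is rendered
     * by its default {@code toString()}, not by its contents.
     *
     * @param obj key of the rule in the policy map
     * @param obj2 runtime parameter handed to the rule
     * @throws AccessControlException when no rule exists, the rule denies access, or evaluation
     *     fails; only an unexpected failure is wrapped, and then it is kept as the cause
     */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorized(Object obj, Object obj2) throws AccessControlException {
        boolean authorized;
        try {
            AccessControlRule rule = requireRule(obj);
            traceRule("Asserting", obj, rule);
            authorized = rule.isAuthorized(obj2);
        } catch (AccessControlException denied) {
            // Previously this was swallowed by the generic handler and re-reported as an
            // "unhandled Exception", which hid the real denial reason behind a wrapper.
            throw denied;
        } catch (Exception e) {
            throw new AccessControlException(USER_MESSAGE, UNHANDLED_MESSAGE, e);
        }
        if (!authorized) {
            throw new AccessControlException(USER_MESSAGE, "Access Denied for key: " + obj + " runtimeParameter: " + obj2);
        }
    }

    /** Asserts the {@code "AC 1.0 Data"} rule with {@code {str, obj}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorizedForData(String str, Object obj) throws AccessControlException {
        assertAuthorized(RULE_DATA, new Object[]{str, obj});
    }

    /** Asserts the {@code "AC 1.0 File"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorizedForFile(String str) throws AccessControlException {
        assertAuthorized(RULE_FILE, new Object[]{str});
    }

    /** Asserts the {@code "AC 1.0 Function"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorizedForFunction(String str) throws AccessControlException {
        assertAuthorized(RULE_FUNCTION, new Object[]{str});
    }

    /** Asserts the {@code "AC 1.0 Service"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorizedForService(String str) throws AccessControlException {
        assertAuthorized(RULE_SERVICE, new Object[]{str});
    }

    /** Asserts the {@code "AC 1.0 URL"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public void assertAuthorizedForURL(String str) throws AccessControlException {
        assertAuthorized(RULE_URL, new Object[]{str});
    }

    /** Evaluates the {@code "AC 1.0 Data"} rule with {@code {str, obj}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorizedForData(String str, Object obj) {
        return isAuthorized(RULE_DATA, new Object[]{str, obj});
    }

    /** Evaluates the {@code "AC 1.0 File"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorizedForFile(String str) {
        return isAuthorized(RULE_FILE, new Object[]{str});
    }

    /** Evaluates the {@code "AC 1.0 Function"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorizedForFunction(String str) {
        return isAuthorized(RULE_FUNCTION, new Object[]{str});
    }

    /** Evaluates the {@code "AC 1.0 Service"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorizedForService(String str) {
        return isAuthorized(RULE_SERVICE, new Object[]{str});
    }

    /** Evaluates the {@code "AC 1.0 URL"} rule with {@code {str}} as runtime parameter. */
    @Override // org.owasp.esapi.AccessController
    public boolean isAuthorizedForURL(String str) {
        return isAuthorized(RULE_URL, new Object[]{str});
    }
}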
